Conventional Encryption Enveloping and Deenveloping


Conventional Encryption Enveloping and Deenveloping

by EssWeh

Hi,

I try to implement a class (called CryptoFunctions), which can e. g.
encrypt and decrypt data using symmetric keys.

The class CryptoFunctions itself has a member key of another class
called Key. The key class contains a CRYPT_CONTEXT for handling
symmetric keys in cryptlib format.

I have two functions in class CryptoFunctions at the moment:

encryptSym(char* buf, int dataLength) and decryptSym(char* buf, int
dataLength).

Here is the code I use to encrypt and decrypt data with those functions
(built upon the code from the cl-manual):

###############################
//ENCRYPTION:
//-----------------------------
Result CryptoFunctions::encryptSym(char* buf, const int dataLength) {

    CRYPT_ENVELOPE cryptEnvelope;
    int bytesCopied;

    cryptCreateEnvelope(&cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_CRYPTLIB);

    cryptSetAttribute(cryptEnvelope, CRYPT_ENVINFO_KEY,
                      this->key.getKeyContext());

    cryptSetAttribute(cryptEnvelope, CRYPT_ENVINFO_DATASIZE, dataLength);

    cryptPushData(cryptEnvelope, buf, dataLength, &bytesCopied);

    cryptFlushData(cryptEnvelope);

    char* envelopedData;
    envelopedData = new char [bytesCopied];

    cryptPopData(cryptEnvelope, envelopedData, bytesCopied, &bytesCopied);

    cryptDestroyEnvelope(cryptEnvelope);

    return Result(envelopedData, bytesCopied);
}

//DECRYPTION:
//-----------------------------
Result CryptoFunctions::decryptSym(char* buf, const int dataLength) {

    CRYPT_ENVELOPE cryptEnvelope;
    int bytesCopied;

    cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_CRYPTLIB );

    cryptPushData( cryptEnvelope, buf, dataLength, &bytesCopied );

    cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_KEY,
                       this->key.getKeyContext() );

    cryptFlushData( cryptEnvelope );

    char* deenvelopedData;
    deenvelopedData = new char [bytesCopied];

    cryptPopData( cryptEnvelope, deenvelopedData, bytesCopied, &bytesCopied );

    cryptDestroyEnvelope( cryptEnvelope );

    return Result(deenvelopedData, bytesCopied);
}
###############################

"this->key.getKeyContext()" returns the key context containing the
symmetric key stuff. Encryption works fine. But at decryption time,
there is an error of type CRYPT_ERROR_PERMISSION (-21) at the line where
I try to set the key attribute for decryption:

cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_KEY,
this->key.getKeyContext() );

I also tried to use "CRYPT_ENVINFO_SESSIONKEY" in both cases instead,
but with the same result.

What am I doing wrong at this point? For which action do I not have the
permission? It is the same key used for encryption and decryption ...

Best regards,
Sven W.


_______________________________________________
Cryptlib mailing list
Cryptlib@... via Mail: cryptlib-request@...
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.

Re: Conventional Encryption Enveloping and Deenveloping

by EssWeh

Hi,

Just wanted to mention that I solved that issue. The problem was the
wrong allocation of the byte-arrays (envelopedData, deenvelopedData) for
the popped data, where I used bytesCopied instead of a much bigger
buffer, to allocate memory for these arrays.

Best regards,
Sven W.


Sven Wiebusch wrote the following on 26.08.2008 13:55:

> Hi,
>
> I try to implement a class (called CryptoFunctions), which can e. g.
> encrypt and decrypt data using symmetric keys.
>
> The class CryptoFunctions itself has a member key of another class
> called Key. The key class contains a CRYPT_CONTEXT for handling
> symmetric keys in cryptlib format.
>
> I have two functions in class CryptoFunctions at the moment:
>
> encryptSym(char* buf, int dataLength) and decryptSym(char* buf, int
> dataLength).
>
> Here is the code I use to encrypt and decrypt data with those functions
> (built upon the code from the cl-manual):
>
> ###############################
> //ENCRYPTION:
> //-----------------------------
> Result CryptoFunctions::encryptSym(char* buf, const int dataLength) {
>
> CRYPT_ENVELOPE cryptEnvelope;
> int bytesCopied;
>
> cryptCreateEnvelope(&cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_CRYPTLIB);
>
> cryptSetAttribute(cryptEnvelope, CRYPT_ENVINFO_KEY,
> this->key.getKeyContext());
>
> cryptSetAttribute(cryptEnvelope, CRYPT_ENVINFO_DATASIZE, dataLength);
>
> cryptPushData(cryptEnvelope, buf, dataLength, &bytesCopied);
>
> cryptFlushData(cryptEnvelope);
>
> char* envelopedData;
> envelopedData = new char [bytesCopied];
>
> cryptPopData(cryptEnvelope, envelopedData, bytesCopied, &bytesCopied);
>
> cryptDestroyEnvelope(cryptEnvelope);
>
> return Result(envelopedData, bytesCopied);
> }
>
> //DECRYPTION:
> //-----------------------------
> Result CryptoFunctions::decryptSym(char* buf, const int dataLength) {
>
> CRYPT_ENVELOPE cryptEnvelope;
> int bytesCopied;
>
> cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED, CRYPT_FORMAT_CRYPTLIB );
>
> cryptPushData( cryptEnvelope, buf, dataLength, &bytesCopied );
>
> cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_KEY,
> this->key.getKeyContext() );
>
> cryptFlushData( cryptEnvelope );
>
> char* deenvelopedData;
> deenvelopedData = new char [bytesCopied];
>
> cryptPopData( cryptEnvelope, deenvelopedData, bytesCopied, &bytesCopied );
>
> cryptDestroyEnvelope( cryptEnvelope );
>
> return Result(deenvelopedData, bytesCopied);
> }
> ###############################
>
> "this->key.getKeyContext()" returns the key context containing the
> symmetric key stuff. Encryption works fine. But at decryption time,
> there is an error of type CRYPT_ERROR_PERMISSION (-21) at the line where
> I try to set the key attribute for decryption:
>
> cryptSetAttribute( cryptEnvelope, CRYPT_ENVINFO_KEY,
> this->key.getKeyContext() );
>
> I also tried to use "CRYPT_ENVINFO_SESSIONKEY" in both cases instead,
> but with the same result.
>
> What am I doing wrong at this point? For which action do I not have the
> permission? It is the same key used for encryption and decryption ...
>
> Best regards,
> Sven W.
>
>
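
The fix described in the reply above (popping into a buffer that is not sized by bytesCopied), as an added example that is not part of the original posts or of cryptlib. drainEnvelope is a hypothetical helper that pops in fixed-size chunks until nothing is left; it assumes a pop function with the parameter list (int, void*, int, int*) like cryptPopData. fakeEnvelope, fakePop and the 16-byte header are constructed stand-ins so the block runs without cryptlib installed.

```cpp
#include <algorithm>
#include <cstring>
#include <stdexcept>
#include <string>
#include <vector>

// Assumed to match cryptPopData(envelope, buffer, length, &bytesCopied).
using PopFn = int (*)(int envelope, void* buffer, int length, int* bytesCopied);

// Hypothetical helper: drain the envelope in chunks until a pop returns
// 0 bytes, so the output size is discovered instead of guessed from the input.
std::vector<char> drainEnvelope(PopFn pop, int envelope, int chunk = 4096) {
    std::vector<char> out, tmp(chunk);
    for (;;) {
        int copied = 0;
        int status = pop(envelope, tmp.data(), chunk, &copied);
        if (status < 0)  // cryptlib error codes are negative (e.g. -21)
            throw std::runtime_error("pop failed: " + std::to_string(status));
        if (copied == 0) break;
        out.insert(out.end(), tmp.begin(), tmp.begin() + copied);
    }
    return out;
}

// Constructed stand-in: an "envelope" holding a 16-byte header plus payload.
static std::vector<char> g_pending;
static void fakeEnvelope(const std::string& payload) {
    g_pending.assign(16, 'H');
    g_pending.insert(g_pending.end(), payload.begin(), payload.end());
}
static int fakePop(int, void* buffer, int length, int* bytesCopied) {
    int n = std::min(length, static_cast<int>(g_pending.size()));
    if (n > 0) std::memcpy(buffer, g_pending.data(), n);
    g_pending.erase(g_pending.begin(), g_pending.begin() + n);
    *bytesCopied = n;
    return 0;  // CRYPT_OK
}

// Pattern from the post: one pop into a buffer sized by the pushed length.
int singlePop(const std::string& payload) {
    fakeEnvelope(payload);
    int pushed = static_cast<int>(payload.size()), copied = 0;
    std::vector<char> buf(pushed);
    fakePop(0, buf.data(), pushed, &copied);
    return copied;  // header + payload do not fit, so output is truncated
}
int drained(const std::string& payload) {
    fakeEnvelope(payload);
    return static_cast<int>(drainEnvelope(fakePop, 0, 8).size());
}
```

With an 11-byte payload the single pop returns 11 bytes of a 27-byte envelope, while the chunked drain returns all 27.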
